Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: Fij0hRLv7SNVvfbotEoDUAQ0sMYgq3dehWo1w6GLmuA=
Subject key identifier: 3F:23:5E:3E:FD:06:B0:85:EF:C4:DF:99:7B:CE:F9:9F:9D:42:2A:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59B3618D28EA9F2FD8B59A08AD3331EB179FFEC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Tue 19 May 2026 05:40:09 +0000
ROA not before: Tue 19 May 2026 05:40:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b3:61:8d:28:ea:9f:2f:d8:b5:9a:08:ad:33:31:eb:17:9f:fe:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=13ef35fb6afdeb3a9ed3bf04d358cc7ea4bced73774f23d48cf09d842011f168, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:46:00:84:60:74:05:98:0c:35:3d:b0:5e:0b:
58:e9:22:c6:3a:2d:94:45:00:f7:35:45:3e:ad:75:
24:8f:e5:75:45:44:de:ef:36:19:0c:b9:25:d8:ab:
5e:66:26:85:58:26:45:c7:44:7e:51:46:d2:7b:29:
68:ae:26:89:e0:e1:4b:9b:8c:67:92:f4:a4:9c:c5:
c1:82:38:d3:18:75:b4:22:8c:64:9e:f0:cd:5b:d4:
32:6a:14:43:33:3e:06:26:d0:03:88:80:28:e6:88:
81:ac:30:da:6d:4b:ce:7c:60:42:44:f8:20:ea:8a:
11:f1:70:35:c4:5e:2e:b1:d7:c6:9d:6a:b6:cb:ec:
f8:7d:86:1c:ad:65:ec:c7:33:a4:49:0e:7a:e3:ed:
c5:4a:e2:f1:5b:2e:d1:06:30:71:e8:04:3b:80:2b:
8d:f8:58:db:5a:83:8f:33:76:32:e4:c6:be:a3:cc:
28:75:c3:ef:93:82:1a:ab:6d:82:b7:f1:c0:7e:c3:
de:f4:55:89:8d:6b:9e:6d:f7:b8:2c:4e:8d:9d:82:
63:4e:0b:6d:10:55:c5:1d:42:c7:cc:e2:4e:c7:87:
91:d3:af:25:04:7d:93:b9:2a:94:f7:1f:ac:93:13:
7e:8a:17:5d:71:08:34:42:31:6f:50:8b:c8:1d:83:
63:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:23:5E:3E:FD:06:B0:85:EF:C4:DF:99:7B:CE:F9:9F:9D:42:2A:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
c8:ab:33:4b:8c:e0:3c:ae:08:dc:b7:78:31:0a:c2:3e:bb:8c:
a1:b4:c5:7c:b2:26:f6:a2:81:d4:6f:16:3f:1c:ec:54:c9:69:
b4:ec:25:c7:28:f5:9f:ab:aa:b4:9b:b9:f9:d9:b0:a8:f4:4d:
86:9c:4d:8f:7e:29:ce:4b:84:84:9f:ee:27:99:7e:6c:e9:c7:
04:32:52:b5:65:88:aa:2d:a4:b3:0a:94:4c:e7:9b:11:6c:91:
a8:4c:62:ae:62:66:d8:55:db:60:57:5a:4a:74:38:7d:0c:bd:
04:ec:78:67:26:02:13:08:3a:f1:f1:05:08:6a:e6:49:31:27:
97:df:6b:e4:9a:35:a4:48:79:f3:0a:d6:0e:99:f8:cc:d7:d4:
3b:53:db:d4:3c:13:df:8e:5c:61:f7:09:92:75:14:16:16:95:
73:67:7d:2e:1b:64:56:55:5f:1a:34:da:f9:f5:b3:bd:d0:19:
30:c6:a8:2c:fb:09:f8:14:05:3b:e2:04:cb:64:89:4b:96:27:
0e:a6:08:eb:2a:fb:e6:f7:f3:fb:09:e9:ac:57:0f:66:48:8d:
61:f1:e0:c4:72:1a:b9:45:fa:ab:6a:80:ec:42:9d:b3:56:ca:
c7:e3:0f:7c:df:86:1a:54:04:2f:aa:3e:0c:74:9b:9e:f7:1a:
3f:a8:e6:7a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWbNhjSjqny/YtZoIrTMx6xef/sQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzZWYzNWZiNmFmZGViM2E5ZWQzYmYwNGQzNThjYzdlYTRiY2VkNzM3NzRm
MjNkNDhjZjA5ZDg0MjAxMWYxNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBGAIRgdAWYDDU9sF4LWOkixjotlEUA9zVFPq11JI/ldUVE3u82GQy5Jdir
XmYmhVgmRcdEflFG0nspaK4mieDhS5uMZ5L0pJzFwYI40xh1tCKMZJ7wzVvUMmoU
QzM+BibQA4iAKOaIgaww2m1LznxgQkT4IOqKEfFwNcReLrHXxp1qtsvs+H2GHK1l
7MczpEkOeuPtxUri8Vsu0QYwcegEO4ArjfhY21qDjzN2MuTGvqPMKHXD75OCGqtt
grfxwH7D3vRViY1rnm33uCxOjZ2CY04LbRBVxR1Cx8ziTseHkdOvJQR9k7kqlPcf
rJMTfooXXXEINEIxb1CLyB2DYyUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ/I14+
/Qawhe/E35l7zvmfnUIqOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAyKszS4zgPK4I3Ld4MQrCPruMobTFfLIm9qKB
1G8WPxzsVMlptOwlxyj1n6uqtJu5+dmwqPRNhpxNj34pzkuEhJ/uJ5l+bOnHBDJS
tWWIqi2kswqUTOebEWyRqExirmJm2FXbYFdaSnQ4fQy9BOx4ZyYCEwg68fEFCGrm
STEnl99r5Jo1pEh58wrWDpn4zNfUO1Pb1DwT345cYfcJknUUFhaVc2d9LhtkVlVf
GjTa+fWzvdAZMMaoLPsJ+BQFO+IEy2SJS5YnDqYI6yr75vfz+wnprFcPZkiNYfHg
xHIauUX6q2qA7EKds1bKx+MPfN+GGlQEL6o+DHSbnvcaP6jmeg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:24 2026 by rpki-client